Support for customizing request and response body in OIDC filters

[sberyozkin]

Fixes #49041.
Fixes #40258.

This PR provides a simple option for OidcRequestFilter implementations to customize a request body and for OidcResponseFilter implementations to customize a response body, by depending on a shared OidcRequestContextProperties map as a medium to pass the updated content back to the runtime

[Copilot]

Pull Request Overview

This PR implements support for customizing request and response bodies in OIDC filters by adding new constants to OidcRequestContextProperties and modifying the filtering mechanism to check for and apply custom request/response bodies through shared context properties.

• Adds REQUEST_BODY and RESPONSE_BODY constants to OidcRequestContextProperties for filter customization
• Updates filtering logic across OIDC components to support custom request/response body handling
• Provides comprehensive documentation and test coverage for the new functionality

Reviewed Changes

Copilot reviewed 18 out of 18 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
OidcRequestContextProperties.java	Adds new constants for request and response body customization
OidcCommonUtils.java	Implements utility methods for handling custom request/response bodies
Various OIDC runtime files	Updates filtering calls to use new body customization support
Test files	Adds integration tests demonstrating request/response body customization
Documentation files	Updates documentation with examples of the new filtering capabilities

Comments suppressed due to low confidence (1)

docs/src/main/asciidoc/security-openid-connect-client-registration.adoc:569

• [nitpick] Class name 'ClientRegistrationReRequestFilter' contains 'ReRequest' which appears to be a typo. Consider 'ClientRegistrationRequestFilter' instead.

public class ClientRegistrationReRequestFilter implements OidcRequestFilter {

[sberyozkin]

Thanks @gastaldi, Copilot was helpful yet again, I was copying/pasting some code examples across several docs and ended up with some non-compiling code in one of the docs :-)

[github-actions]

🙈 The PR is closed and the preview is expired.

[sberyozkin]

Sorry, looks like NPE is showing up, in some cases, the code I added assumes the buffer that is checked is never null

[sberyozkin]

Sorry again, so OidcRequestContextProperties are set to null when no request and/or response filters are registered, which is the case for many tests, and that was causing NPE because this PR assumed OidcRequestContextProperties was never null when checking if t had an updated body recorded

[michalvavrik]

I just spend last hours modifying similar classes #46697 so I am not super happy to see this PR 😀 but it looks fine. I left one opinion as I'd implement it differently, but it's optional. LGTM.

[quarkus-bot]

Status for workflow Quarkus CI

This is the status report for running Quarkus CI on commit 50b1a85.

✅ The latest workflow run for the pull request has completed successfully.

It should be safe to merge provided you have a look at the other checks in the summary.

You can consult the Develocity build scans.

[quarkus-bot]

Status for workflow Quarkus Documentation CI

This is the status report for running Quarkus Documentation CI on commit 50b1a85.

✅ The latest workflow run for the pull request has completed successfully.

It should be safe to merge provided you have a look at the other checks in the summary.

[michalvavrik]

Thanks!